Work in progress

I just wrapped up a class on Apache web server administration.  I learned a lot, some of it on purpose.  One of the things I learned accidentally is that Apache installs differently on Debian-based Linux distributions than on those based on Red Hat.  How did I learn this?  Well, the book used in class assumed a Red Hat distribution, and I used an Ubuntu 11.04 virtual appliance (Ubuntu is based on Debian).  Whoops.

So, now I have a bit of free time to work on my personal projects.  These include:

• Installing ESXi on my microserver.
• Building a DNS server virtual machine on my ESXi host for use on my LAN.
• Getting VMware Fusion running in Unity mode on my MacBook.
• Getting an amateur radio Technician license.
• Purchasing a radio with options beyond "what do you want to hear?" and "how loud?".

That's a pretty good list for now.  Back to working on a PowerShell script for my job.

Dropbox authentication: insecure by design

Dropbox authentication: insecure by design

Derek Newton, on his Information Security Insights blog, has observed that copying a single file (config.db), not specific to a particular computer, out of Dropbox's application data folder (%APPDATA%\Dropbox)*, allows anyone with that file to install and sync with the Dropbox account linked to that particular installation of the local client software. What's the big deal? This means that all of the files stored in that Dropbox are accessible** to anyone who has a copy of that particular config.db, even if the password for the Dropbox account is changed. Please give the original post a read for his three recommendations to deal with this vulnerability.

*His example is from a machine running Windows.

** For viewing, copying, changing or infecting with malware.

I want: HP ProLiant MicroServer

HP ProLiant MicroServer series overview - HP Small & Medium Business

These are quite affordable (<$400), fairly expandable and capable of RAID 0 or 1.

I think I'm going to get one and put ESXi on it.